Browsing tag

vulnerability

Critical zero-day vulnerabilities hit Lifesize video conferencing products

The IT security researchers at TrustWave have discovered critical zero-day vulnerabilities in video conferencing products developed by Lifesize which, if exploited by attackers, can cause a great deal of damage. Lifesize is an audio and video telecommunication firm based in the United States with offices in Africa, Europe, and the Middle East. Its products are used by […]

Microsoft confirms critical Exchange vulnerability

This privilege escalation flaw would allow a remote attacker to impersonate an administrator. Microsoft has confirmed the existence of a privilege escalation vulnerability on the Exchange server that is considered critical. According to network security and ethical hacking specialists from the International Institute of Cyber Security, this flaw could allow a hacker with a simple mailbox […]

Cyber Warfare – How to Keep Your Consumer Devices Safe

According to the 2019 Cyber Threat Outlook published by defense industry firm Booz Allen Hamilton, the year 2019 is likely to see an increase of state actors taking aim at the private sector in foreign companies, continuing an ongoing trend over the past several years. The report published quotes about economically-motivated attacks, aimed at “stealing […]

Vulnerable Legacy Systems Used By Banks, Need A Careful Review

The legacy-dependence of the financial sector is very evident; many banks are still using legacy hardware and software to perform their day-to-day operations. Such legacy systems perform admirably when it comes to reliability and uptime; old mainframes and old Unix boxes really do run 24/7 until power is cut. Unfortunately, the […]

Critical vulnerabilities affect 3G, 4G and upcoming 5G protocol

An attacker could intercept communication metadata to locate a mobile phone. Network security and ethical hacking specialists reported the discovery of a vulnerability in the 5G communication protocol, which will be implemented soon. Apparently this vulnerability is more severe than the ones previously discovered, as it affects the 3G and 4G protocols in addition to […]

Microsoft Exchange Vulnerability Alert

The international coordination center for vulnerability disclosures has alerted about this critical error. The CERT Coordination Center (CERT/CC) has issued a vulnerability warning for Microsoft Exchange 2013 and later versions. According to network security and ethical hacking specialists from the International Institute of Cyber Security, the problem with Microsoft’s online service is a vulnerability to […]

Vulnerability in Sky Go could leak user’s sensitive information

A malicious user could perform a man-in-the-middle attack to extract users’ sensitive information. Network security and ethical hacking specialists from the International Institute of Cyber Security report the finding of a new vulnerability in the Sky Go desktop application for Windows; the error in question leaks multiple session data, including victims’ usernames. Sean Wright, specialized […]

Critical vulnerability on Linux APT GET in Debian, Ubuntu and Mint distros

APT, one of the major Linux software installation programs, presents a serious security flaw. Users willing to install programs in Linux distributions such as Debian, Ubuntu, or Mint usually resort to using the main software installation program known as the Advanced Package Tool (APT). Although functional under appropriate circumstances, network security and ethical hacking experts […]

Vulnerabilities allow remote access in Safari for iPhone X

A combination of two exploits allows attackers to install malicious code on iPhone X devices. A network security researcher from China has recently revealed technical details about some critical vulnerabilities in iOS and Safari, the Apple browser, which, if exploited, could allow an attacker to remotely compromise an iPhone X with operating system iOS 12.1.2 […]

MySQL vulnerability allows server’s files access

An attacker could run a malicious MySQL server and gain access to the connected data, as reported in a security message. MySQL administrators have posted a security alert informing users about a drawback with LOCAL LOAD DATA, noting that “the declaration can load a file located on the server host or, if the local keyword […]

Vulnerabilities found in WiFi chips firmware

A specialist recently published the findings of his research. According to experts in network security and ethical hacking from the International Institute of Cyber Security, the firmware of the WiFi chips used in various devices presents multiple security drawbacks. According to reports, some of these flaws could be exploited for remote execution of arbitrary code, […]

Critical vulnerability in Cisco devices exposes networks of thousands of SMEs

A default configuration grants full admin-level access to unauthenticated remote users. A critical uncorrected vulnerability in the Cisco product called Small Business Switch, widely used by SMEs, leaves systems vulnerable to remote attacks by unauthenticated users. According to experts in network security and ethical hacking from the International Institute of Cyber Security, an attacker could […]

Over 200 vulnerabilities found in Oracle

The company recommends that system administrators stay on the lookout for the release of update patches. During its January update, the Oracle data management system announced that patches will be included to correct 248 new vulnerabilities present in multiple protocols, from the popular Oracle Database System to Solaris, Java and MySQL, as reported by network […]

Critical vulnerabilities found in Drupal

Developers recommend that users update their systems as soon as possible. The Drupal content management system (CMS) has just released two security updates to correct critical vulnerabilities, as reported by network security and ethical hacking experts from the International Institute of Cyber Security. According to reports, if the vulnerabilities were to be exploited, they would allow […]

Attacks Targeting Recent PHP Framework Vulnerability Found

New attacks that target a recent PHP framework vulnerability have been detected. It was last month that a code vulnerability was detected in the ThinkPHP framework; ThinkPHP is a rapid-development framework that is developed by TopThink, a Chinese firm. The vulnerability, CVE-2018-20062, was soon patched, but then a researcher detected new attacks targeting the vulnerability. […]

ES File Explorer, File management app for Android, exposes user’s data

More than 300 million users have downloaded this app, so the incident is very serious. ES File Explorer is one of the most popular Android operating system file management applications. It has useful functions like folder sharing and is available for tablets and smartphones, although not everything is good news. Network security and ethical […]

Vulnerability in Fortnite authentication system affects user accounts

Security investigators were able to steal access tokens attacking an Epic Games subdomain. According to network security and ethical hacking specialists from the International Institute of Cyber Security, a recently discovered vulnerability in the account authentication system of Epic Games for the popular videogame Fortnite left gamers’ accounts exposed. According to reports, malicious users […]

Vulnerability in Amadeus systems exposes travel records of millions of people

This error could have allowed hackers to modify multiple travel details. Ethical hacking and network security specialists from the International Institute of Cyber Security report that due to a recently discovered vulnerability in the Amadeus reservation system, an attacker or attackers were able to access and change the reservations using only a reservation number. The […]

36-year-old vulnerabilities in SCP

These flaws could lead to remote code execution on compromised systems. According to experts in network security and ethical hacking from the International Institute of Cyber Security, a set of 36-year-old vulnerabilities in the implementation of the Secure Copy Protocol (SCP) of multiple client applications has been discovered; vulnerabilities could be exploited by malicious users […]

Hotel group launches its own vulnerability bounty program

Hyatt Hotels will begin collaboration with external experts to avoid incidents that may affect its customers’ personal data. Network security and ethical hacking specialists from the International Institute of Cyber Security reported that Hyatt Hotels has announced the implementation of its own vulnerability bounty program, after suffering a payment card information theft incident. The company […]